Future Vote: Computerized Balloting is Taking Over Elections In Maryland–But Can We Trust the Results?

On Nov. 21, a computer programmer for Autotote, an electronic-wagering company, admitted in court that he was the “inside man” in a computer-based scheme that manipulated horse-racing stakes, culminating in an Oct. 23 Breeders’ Cup wager that would have yielded $3 million in winnings for a Baltimore man had the bet not raised suspicions.

The scandal prompted the National Thoroughbred Racing Association to convene a panel headed by former New York mayor Rudolph Giuliani to review the industry’s computer-betting system. It also spawned a lawsuit: Gambler Jimmy “the Hat” Allard accuses Autotote of negligence, claiming in a statement made through his law firm that the “betting public may have been cheated out of countless millions of dollars for possibly the past eight years” due to lapses in the company’s computer security.

This fall, voters in four Maryland counties for the first time cast ballots on computerized voting machines using a technology called “direct recording electronic” (DRE), a system that Baltimoreans have been using since 1998. The whole state is scheduled to switch over to a unified computer voting system by 2006, but DRE system skeptics question the system’s security because, just like the Breeders’ Cup betting scandal, it could be rigged using computer code.

Imagine a computer programmer at Diebold Election Systems or Sequoia Pacific Systems, the two companies that manufacture computer voting machines used in Maryland, manipulating the software code used to run the machines to tweak the results in favor of some candidate, some party, some agenda. Imagine that he or she gets caught overreaching. Losers and voters in computerized elections nationwide would mull lawsuits and question the integrity of their races’ results, just as Allard questions whether bettors have been cheated all along by the Autotote system.

“If you can fix the Breeders’ Cup, I guess it’s certainly possible to do the same with computer elections,” says former Maryland U.S. Attorney George Beall, who also headed the state task force that investigated voting irregularities in the 1994 Baltimore City election. Given the potential stakes in politics vs. gambling–a hand on the purse strings of the public agenda, compared to a winning Pick Six ticket worth $3 million–the possibility seems worthy of consideration.

The potential stakes are even higher than the outcome of a few political campaigns. An actual incident of computer-voting fraud, should one ever be discovered, would cause a crisis of democracy. In addition to criminal charges being brought and state panels being convened to investigate, a shadow of doubt would fall over the legitimacy of all those who gained office with votes cast through computers, and the electorate’s confidence in how we choose our leadership would fall further. There’s never been a proven case, but what’s to prevent it from happening?

Precious little, nationally recognized computer-security experts say. First and foremost among them are Peter Neumann, principal scientist at SRI International’s computer-science lab in Menlo Park, Calif., and Rebecca Mercuri, computer-science professor at Bryn Mawr College outside Philadelphia. Despite their well-aired warnings over at least the past 15 years and a few minor scandals involving the three companies that make most of the voting machines, simple steps that would abate the risk of tampering have not been implemented as counties and states across the country–and governments around the world–increasingly switch to computers for holding elections.

Federal legislation passed this fall, the Help America Vote Act (HAVA), includes $3.9 billion to help jurisdictions pay for election-technology upgrades, so, barring any changes in the trend, many more voters can look forward to casting digital ballots in the years ahead.

Diebold Election spokesman Joe Richardson says the security concerns that Neumann and Mercuri raise about DRE voting systems are moot. The level of security precautions already taken are sufficient to provide “what the voters are looking for,” which, he says, is “peace of mind” that their votes were accurately recorded and counted. So why not give it to them by implementing the additional security that the skeptics say will prevent fraudulent outcomes while protecting ballot secrecy? Because the existing security “does not necessitate it,” Richardson says.

In the coming months, the new HAVA regulations governing election technology will be written, and skeptics hope adequate security measures will be included. Even if they are, though, there’s no way to be assured of the integrity of computer elections already held. A look at some of those outcomes in light of the security risks posed by electronic voting gives cause for concern.

When all was said and done, the Maryland elections on Nov. 5 were good to Bob Urosevich. As the president of North Canton, Ohio-based Diebold Election Systems, his reputation was riding on the performance of the AccuVote-TS computer-voting system, which got its first workout in Maryland during the fall elections. The state and Montgomery, Prince George’s, Dorchester, and Allegany counties split the $13 million price tag for nearly 5,000 of Diebold’s touch-screen units, which resemble the ubiquitous ATMs manufactured by Diebold Election’s parent company, Diebold Inc. “We are pleased all four counties had successful general elections,” Urosevich said in a press release the next day, “and look forward to working on the statewide implementation of this secure voting technology.”

This fast-emerging way to vote appears at first glance to be manifestly better than what it is replacing. Lasting memories of past election debacles involving punch cards or lever machines–Florida in 2000, say, or Baltimore City in 1994–strengthen the allure of voting via a central device in most Americans’ daily lives: the computer. So governments worldwide are increasingly relying on this privately owned technology to run public elections.

The rub, though, is in what can’t be seen when the computers are recording and tabulating the votes–the proprietary software code that runs the system.

Like any voting system–and despite Urosevich’s emphasis on its secure nature–DRE is not fraud-proof. With computers, security experts say, the method of committing election fraud is, in theory, insidiously simple. Here’s how it would work: A company insider who knows how to write computer code surreptitiously inserts some nefarious programming language into the election software, causing votes on Election Day to be recorded and tabulated in whatever fashion achieves his or her purpose–for example, redirecting a small percentage of votes cast for Candidate A to Candidate B’s total. Such a piece of code could run without otherwise obviously affecting the machine’s operation or the outcome of other races.

Since nearly all computer elections are paperless, there is no independent, voter-verified record with which to compare the computer-generated outcome in the event of a recount. Computer-voting recounts, therefore, are merely a matter of taking another look at the same data that was stored in the computer’s memory after the polls closed, and are therefore unlikely to produce any changes in the results. As long as the outcome is not patently bizarre–a complete unknown beats a popular incumbent in a landslide, for example, or more votes are cast than there are voters–it would be exceedingly difficult to question it. Knowing that the industry considers each election software code to be a trade secret, and won’t let anyone examine it without a court order, the corrupt insider is able to commit the crime without fear of detection.

Neumann, the computer-security expert with SRI International, says the Breeders’ Cup scandal aptly illustrates core security problems with electronic voting. The difference in the security precautions taken in electronic wagering vs. computer voting lies in what he calls the “desire for accountability.” In betting, “you want complete accountability,” he explains. “Everything’s on the record, and there’s no anonymity.” Someone places a computer bet, and information associated with that bet is maintained so a name and a face can later be connected to it, if need be. With voting, though, “you want to maintain a level of secrecy, of anonymity, in the ballot. So the desire for accountability is less. And vendors, when selling these systems, essentially say, ‘If you want ballot secrecy, we’re not going to be able to give you accountability.'” The result: vastly less stringent safeguards in protecting computer elections from fraud than exist in protecting online wagering from fraud.

Clearly, this potential risk is not registering with decision-makers, at least not to the point where they demand a more secure system. The only example of a jurisdiction changing its mind about purchasing a DRE voting system, Neumann says, is from the mid-1990s, when New York City canceled a contract with Sequoia because of the concerns he continues to voice today. Otherwise, the trend is clear: Elections officials across the country–in Florida, Georgia, California, Texas, and Louisiana, to name but a few states–and officials as far away as Brazil and Belgium are opting to buy DRE systems. And when Maryland Secretary of State John Willis announced earlier this year that 2006 is the target date for all state elections to be entirely electronic, he did so fully aware of these risks. Today, he defends the decision, saying the state “felt that the advantages outweighed the disadvantages.”

“An absolute disaster.” That’s how Neumann characterizes Maryland’s decision to go with a unified, statewide DRE system without an independently verified audit trail. Neumann is not some loopy conspiracy nut who happens to have a lot of letters after his name. With his double-doctorate and 50 years as a computer scientist, he is the widely respected principal scientist at SRI, where he has worked since 1971. Earlier this year, he received the highest honor in information security: the Computer System Security Award from the U.S. Commerce Department’s National Institute of Standards and Technology and the National Security Agency. When Neumann uses words like “absolute disaster,” they carry some authority.

“He’s being totally cynical about the process,” retorts Willis, who chaired the Special Committee on Voting Systems and Procedures in Maryland, which recommended a unified DRE system. “It was the intent of the commission and of the governor and state legislature to capture as much voter intent as possible as efficiently as possible. And with Diebold’s system, we are capturing more voter intent–assuming we believe the codes are right and nobody’s manipulating them.”

How does Willis know that’s not happening? “Well, one, you have to have confidence in the vendor,” he says. “And then you have testing before, during, and after the election, and the source codes are kept in escrow so they can’t be changed. And then if something looks odd in the outcome, there are experienced people around who are going to notice aberrations from historical voting patterns at the precinct level. And if it could be empirically demonstrated that something there does not make sense, then a court could order a look at the code and the outcome would be challenged with technical expertise.

“So if somebody tried to rig a computer election here, it would require a good deal of sophistication. I think we’d be able to detect it,” Willis continues. “But if they can beat all of that, how would we detect it and what would be do about it? Well, the academics are right–some of those questions are still unaddressed. We were aware of the risks, and I have no objection to raising theoretical concerns, and I can’t say that those risks aren’t there, but they were outweighed by the advantages of capturing as much voter intent as possible.”

Neumann and Mercuri have some simple advice on how to get around the security problems that Willis describes: After a vote is cast, they say, the computer should issue a physical record of the choices made by the voter, not unlike an ATM receipt. The voter would then review the record for accuracy and drop it into a precinct lockbox. That way, in the event of a recount, the computer-generated outcome can be compared to the independently verified record contained in the lockbox. Absent such voter-verified receipts, Neumann says, “there is absolutely zero accountability.”

Given this apparently simple solution, why are states buying DRE systems that don’t provide such independent auditability? Maryland’s commission weighed the option but decided against it, Willis says.

“We went through this philosophical debate over the whole idea of having paper records and putting them in a drop box,” he says. “But at that point, it starts to seem like, ‘So why not just go back to paper ballots?’ And there are all sorts of problems with paper ballots.” Willis acknowledges that providing such receipts would only require reconfiguring the printers already inside each Diebold machine in Maryland, but adds that “it’s very labor intensive” to do manual recounts with receipts–“and there are going to be recounts.”

Mercuri says she suspects election administrators like the potentially vulnerable computer systems because the recounts are so orderly and predictable–you always get the same outcome from the computer’s memory. No messy manual recounts, no legal arguments over voter intent–no Florida 2000 debacles.

Diebold Election’s voting industry director, Mark Radke, points out that his company’s system offers an audit-trail option: the ability to print out each and every ballot, if the need arises. They’re called “ballot images,” and Mercuri says they “prove nothing” because voters do not see them at the time they vote and thus can’t verify that the ballot accurately reflects their intended votes.

Asked repeatedly, “Is a ballot image a voter-verified receipt?” Radke refuses to give a yes or no answer. Instead, he repeatedly stresses the “overall security of the software,” pointing out that testing, data scrambling, and encryption all work to secure the system to insure it produces accurate outcomes. As for the idea that a lack of voter-verified receipts may be sufficient to undermine voter confidence, Radke responds, “At that point, I guess we’ll just have to agree to disagree,” adding that, to date, no jurisdiction has asked for receipts.

Another factor to consider in trying to explain the rush to DRE technology is the influence of lobbyists. In Maryland this year, Diebold competitor Election Systems & Software hired a team of four lobbyists from the Annapolis firm Alexander & Cleaver. During the current election cycle, the company and the lobbyists combined have given nearly $30,000 to Maryland political campaigns–including to those of state senators Michael Collins (D-6th) and Joan Carter Conway (D-43rd), both members of the commission that recommended the new DRE systems. That kind of expenditure buys access to lawmakers, who (short of meddling in the procurement process) can help lobbyists influence state officials as they decide what election technology to buy.

At the federal level, the lobbying activity by Election.com is notable. Billing itself as “the global election company,” Election.com provides computer election services and aims to talk the federal government into staging a national online computer election. With capital and a line of credit secured by Saudi investors, and former Republican congressman, cabinet member, and vice-presidential candidate Jack Kemp on its five-member board, Election.com has substantial political clout. An extra push was provided in 2000, when the company spent $100,000 to further its cause by hiring two lobbyists who specialize in representing the information-technology industry. Apparently, it paid off: In late October, Newsday reported that Election.com’s federal contract to administer online electronic elections for the military in 2004 “appears on track.”

Election Systems, of Omaha, Neb., doesn’t have far to go for friends in high places. Major shareholder Michael McCarthy serves as the campaign treasurer for conservative Republican Nebraska Sen. Chuck Hagel, who is sure to answer the company’s calls.

For Neumann, though, the rapid switch to DRE systems boils down to a simple explanation: “Inertia. There is simply no recognition on the part of the voting public as to how vulnerable the systems are,” he says. “Nobody’s listening, because voters, by and large, don’t understand the technology. And the vendors stonewall any attempt to drive them into accountability, and I can only assume it’s because then [the vendors] can’t rig anything. I have no hard evidence that they do, but I don’t know what else it could be.”

It’s one thing to theorize about the possibilities of computer-election fraud. It is quite another to ponder whether or not it has already happened. But that is the problem with election technology: Once it is understood that it can be rigged and detection is unlikely under the current level of security and oversight, people are free to doubt the integrity of any outcome. When upsets occur in computer elections, or when a series of tight contests all fall in favor of one party, security-savvy observers who doubt the safety of the technology are going to wonder whether someone has manipulated the code. Results across the country on Nov. 5, which were tabulated and announced without the expected benefit of exit polling, cause Rebecca Mercuri to suspect fraud might have occurred.

“All I have [to go on] is races across the country that looked to be close that were all won by candidates of the same party,” Mercuri says. “OK, that could happen. But we have no real way to know whether the races were manipulated. And in states with computer voting, there were very surprising outcomes.”

Voter News Service is an exit-polling outfit funded by the major TV networks and the Associated Press. After its analysis mistakenly prompted networks to call Florida for Al Gore on election night 2000, great effort was put into revamping VNS’s data services, which provide much valuable information about how people vote–and also serve as a soft check to see if vote counts don’t square up with how people say they voted. VNS’s database broke down due to a computer glitch on this year’s election night, and the data still aren’t available. “Where is that data?” an exasperated Mercuri asks. “All they do . . . is Election Day exit polling. We rely on that for error-check, and without it there is no real way to know that something’s amiss.”

The results in Georgia, in particular, worry Mercuri. That’s because it is the only state with a unified, statewide DRE system–similar to the one Maryland has decided to implement. And in Georgia, the results favored the Republican Party with unexpected decisiveness. The U.S. Senate race in Georgia helped clinch majority status in the U.S. Senate for the Republicans, and the Democratic governor was tossed out in favor of the Peach State’s first Republican chief executive since Reconstruction.

Are any of the results in Georgia so surprising that they raise questions about election integrity in light of the security problems with computer voting? The answer is a matter of perspective.

Incumbent Sen. Max Cleland, a first-term Democrat who lost three limbs in the Vietnam War and was the youngest-ever head of the Veterans Administration, ran unchallenged in the August primary. Saxby Chambliss, a four-term Republican congressman from central-south Georgia whose bad knee got him a deferment from serving in Vietnam, won a three-way GOP primary with President Bush’s endorsement. During the general-election campaign, Chambliss aired a TV ad with an image of Osama bin Laden and a voice-over that questioned Cleland’s commitment to national security, and another in which the Veterans of Foreign Wars endorsed Chambliss over the Democrat. The Republican consistently put out the message that Cleland is too liberal for Georgia. Cleland was stoic about the attacks, but also fought back, questioning Chambliss’ voting record on issues important to senior citizens and students, among others. Between the primary and general elections, polling consistently showed Cleland in a double-digit lead over Chambliss, but slipping as Election Day approached; one election-eve poll had Chambliss in the lead by one point.

On Election Day, the conservative weekly magazine National Review published its predictions for Senate races nationwide. “Republicans may be disappointed if they don’t capture the Senate tonight, but they should put things in perspective,” national political reporter John Miller wrote. “Midterm elections usually lead to big-time losses for the party that controls the White House. At most, it appears the GOP will lose a seat or two.” In Georgia, National Review predicted that Cleland would win. However, Chambliss’ astounding 53 percent to 46 percent win over the Democrat helped the GOP win back the Senate, a clincher in a string of victories in races that had been too close to call before Nov. 5.

For those inclined to believe that the results in Georgia were legitimately recorded and counted–and other than Mercuri, no one spoken with for this article would do so on the record–the results are perfectly believable. Even without exit polling, it is clear that the influx of prominent national Republican leaders, including Bush, in Georgia prior to Election Day gave the party’s statewide candidates a lift in the final stretch of the campaign. Georgia’s Senate delegation historically tends to be Democratic, but, as was pointed out by in-state observers after the election, Georgia has been trending Republican for some time now. Election Day manifested the trend, as right-leaning voters came out in droves, due in part to the much-lauded get-out-the-vote effort engineered by former Christian Coalition leader Ralph Reed, who now heads the Georgia GOP, with substantial assistance from the national party and White House senior adviser Karl Rove. The GOP’s success in Georgia was simply the result of the party’s concentrated effort to win.

For those inclined to share Mercuri’s worries about the Georgia outcome, the GOP’s extraordinary effort only goes so far in explaining voter performance. A close look at county-level data for the primary and general elections, for instance, shows remarkably shifts in voter loyalties in unlikely areas of the state. Code manipulation or not, the results are unusual enough to stump, at least partially, the head of the University of Georgia’s political science department. But first, some background on the race.

Voters in Georgia don’t register as party members; they choose which primary to participate in when they show up at the polls. Thus, how voters cast their ballots in the primary serves as a leading indicator of the state’s partisan patterns and provides a good comparison to general-election patterns, says Charles Bullock, the University of Georgia professor. With 3.7 million registered voters in 159 counties (by comparison, Maryland’s 22 counties have 2.7 million voters), county-by-county analysis gives a pretty high level of definition as to how those patterns are distributed.

August’s primary results reinforce Georgia political wisdom that there is a partisan wall separating the Republican-dominated northwest segment of the state–the 58 counties surrounding Atlanta, where two-thirds of the registered voters reside–and the other 101 counties to the south and east, which combined have half the population, but a greater number who cast Democratic ballots in August. Within each of these two regions are islands of renegade counties. DeKalb, Fulton, and Clayton counties in the Atlanta metro area, for instance, are heavily populated with Democratic voters; several areas in the rest of the state, including Chambliss’ south-central Georgia base, show heavier Republican participation than Democratic. Overall, though, as Bullock confirms, North Georgia tends to lean Republican, South Georgia tends to lean Democrat.

In the 58 northern counties, in spite of the heavy rain that fell all day Nov. 5, turnout was higher than expected, at a little more than 55 percent. The official results had Chambliss with 53.3 percent of the vote to Cleland’s 45.1 percent, with the rest going to the Libertarian candidate. In South Georgia, where turnout was slightly below average, voters also picked Chambliss, 51 percent to 47.4 percent. Unfortunate for Cleland, but not the sort of thing totally unexpected in politics.

What’s interesting, though, is how the counties’ party loyalties shifted between the primary and the general election. Voters in 58 counties spread throughout the state (accounting for 40 percent of the state’s electorate) voted more as less as they did in the primary. In the other 101 counties, the results were a little odd. In 27 counties in the Republican-dominated North, voters supported Republican Chambliss as expected, but Democrat Cleland won 14 percent more of the vote than he did in the primary. Likewise in 74 counties in the traditionally Democratic South, Cleland carried the day, but Chambliss won 22 percent more of the ballots than he could have expected based on the primary results.

So in the end, 60 percent of Georgia’s electorate live in counties which dramatically shifted partisan loyalties between the primary and general elections. Yet the final tally didn’t follow those shifts. In addition to his stable power base, Cleland won those anomalous Southern counties that shifted toward the GOP in the primary by an 18 percent margin. Unfortunately for him, Chambliss won the Northern counties that veered towards the Dems in the primary by a whopping 29 percent of the vote. What happened?

“Good question,” Bullock says over the phone, agreeing that it is a puzzling outcome. After mulling it over for a few days, he e-mails to suggest that the disparity in the number might be partially explained by voters in the minority party–say, Democrats in a heavily Republican county–casting ballots in the majority party’s primary in order to influence local races, then switching back to their true allegiances for the general election. While he cautions that it would take a much deeper statistical analysis to determine exactly what went on in the 2002 Georgia Senate race, Bullock agrees that the vote swings are acute and intuitively don’t make sense, especially since they occurred in county after county.

How would a programmer bent on throwing the Georgia Senate election go about using software code to create this outcome? Jason Kitcat, a British programmer who recently abandoned his long-pursued goal of designing a secure Internet-voting system because he now feels it is an impossibility, considered the question and explained his reasoning in an e-mail to City Paper:

“Where the system is entirely DRE [like Georgia’s], then you have many problems and potential points of failure. The system could be compromised at the ballot station by informing voters that they have voted Republican and storing Democrat,” Kitcat writes. “This can be done quite intelligently with randomisers, statistical analysers, etc., so that only a useful but hard-to-detect portion of the votes are manipulated. Depending on the system of transferring the sub-totals from each DRE ‘ballot box’ to intermediary and final counting systems, there are an incredible number of opportunities to compromise the vote.”

Using Kitcat’s suggested methods, theoretically it would be possible to, say, select counties where the outcome is expected to favor the Democrats by wide margins and target them for vote manipulation in favor of the GOP. That way, the outcome would still favor the Democrats, the Republicans would pick up the necessary votes, and no one would be the wiser.

“While computer audit tools allow you to track down changes to hard disks even after they have been erased, they would be useless in systems of the scale used for any serious public election,” he continues. “If a few votes are changed here and there, it would be basically undetectable. This could be done at operating system, database, communications, or applications level. The final counting system can also modify the results in a huge number of clever ways using techniques mentioned above.”

Given the potential for breaching DRE systems and manipulating codes, Kitcat, like Neumann and Mercuri, cannot comprehend why states are buying them. “While the technologies will always be flawed to some extent, the amount of trust election administrators put in the suppliers of DRE systems is shocking,” he writes. “They provide closed, proprietary systems which have never been assessed by independent third parties–we have no reliable assurances of the security or privacy they claim to provide!”

And are the vendors worthy of the level of trust they get from election officials? That, like the integrity of the Georgia Senate election, is a matter of perspective. Maryland Secretary of State Willis says he trusts Diebold, in part, because it is experienced with this technology in the ATM market, which requires a very high level of security. But other observers point to ethics scandals involving the industry and wonder whether private companies should be entrusted with the voting process.

Taken as a whole, the voting-machine industry is tightly knit and has a decidedly right-wing flavor, according to well-documented research by public-relations executive Bev Harris and Philadelphia journalist Lynn Landes, who question the soundness of putting private-sector partisans in charge of secretive vote counts.

Harris and Landes point to a bribery scheme involving the purchase of Sequoia machines in Louisiana, which was uncovered in 1999 and netted convictions against state elections commissioner Jerry Fowler and Sequoia’s exclusive agent there, David Philpot. A vice president of Election Systems, which makes absentee-ballot-counting machines in use in Maryland, received immunity in exchange for his cooperation in a successful corruption case against the Arkansas secretary of state in 1995. Given the taint of bribery surrounding voting-machine companies, Mercuri says, “you have to wonder what’s going on” as more and more states purchase DRE systems.

Whether or not you believe computer elections have already been tampered with, the risk remains. As long as there is no voter-verified audit trail, results that seem bizarre can be questioned only in theory. Mercuri sees an opportunity to close this credibility gap as regulations are written pursuant to HAVA, Congress’ new voting-system legislation.

“The legislation calls for an audit trail,” Mercuri says. “But it’s clear that the computer-voting companies interpret that as meaning ballot images–the post-election printouts of how each vote was recorded. Ballot images don’t prove anything. The voter never sees it, never checks it for accuracy. This can be fixed, though, as the regulations are written by making sure the words ‘voter-verified audit trail’ are included. So we’ll see if that makes it in there.”

Either way, Mercuri is not impressed with the new technology–voter-verified audit trail or not. As she monitored the Election Day performance of DRE voting systems in states across the country, she noted problems cropping up. “These things are programmed incorrectly, or the screens and push-buttons are misaligned,” she says, pointing out cases in Texas, Florida, and Georgia where voters selected one candidate and the computer screen kept indicating they had selected a different candidate. “And then it’s reported that a programmer came in and fixed the problem,” Mercuri says. “How do we know he fixed it? Why should we trust these results? No one’s going to notice that mistakes were made unless the outcome is completely weird.

“Everyone was saying it was fine, it went well on Election Day for new computer-voting machines, and I don’t understand why the news covered it that way,” she continues. “It didn’t go well. There were major news reports about these problems, yet the whole thing was spun as if they never happened. We don’t accept this level of bad performance in other products that are time-critical and have to be accurate, but we accept it when it’s voting machines.”

Diebold’s Radke says voters “have accepted the new technology,” pointing to Georgia, where polling for “positive remarks” found a 97 percent acceptance rate. “It went very, very smoothly in Georgia, ” he concludes. “People accepted the new technology.”

In Maryland on Election Day, software problems did occur in Montgomery County with the new DRE units. One Washington Post reporter summed it up by writing that “confusion reigned” in the use of the new machines. Despite the fact that the two main parties don’t have separate ballots in a general election, programming errors caused the word “Democrat” to be displayed at the top of some ballots, “Republican” on others. One voter, a Silver Spring computer consultant, told the Post reporter, “there something wrong. I could check ‘Ehrlich’ and I could check ‘Morella,’ but I’m not sure those answers went into the database. . . . It’s hard for me to believe.”

Despite these problems, Maryland Secretary of State Willis says the state studied voter acceptance of the new technology and found it to be very high. “Most of the voters adapted to it pretty well,” he says. As for whether or not the problems in Montgomery may have altered outcomes, Willis is confident that they didn’t. “We have looked hard at the results, and we know that they comport with historical voting patterns,” he says. “So if anyone’s rigging computer elections, they didn’t mess with Maryland.”

Given the risks of undetected manipulation, though, voters will have to trust computer elections won’t be messed with in the future.